I'm having a problem with LMS 2.6 and pushing configs out to our firewalls. We don't allow telnet into the firewalls, only SSH. LMS pulls the configs without a problem, but when I try to modify a config and push it out to a firewall it only seems to attempt to telnet and fails, so the config never gets pushed out. I made sure that SSH is the first in the list under RME transport settings for config deploy. Am I missing something else?
Solved! Go to Solution.
Then you need to select Config Editor from the pull-down in the RME > Admin > Config Mgmt > Transport Settings window, and make sure the deploy protocol order is correct there as well.
Here is the log from the last job I tried to run (I starred out the IP):
Command(s) failed on the device TELNET: Failed to establish TELNET connection to *.*.*.* - Cause: connect timed out. Insufficient no. of interactive responses(or timeout) for command
Ah I think I see the problem...I'm modifying an access-list and out of habbit I put no in front of the line I want to remove instead of just removing it...I'm going to try it again tonight...thanks! :)
Maybe I spoke to soon...I did remove the access-list line entirely...i still get the same error. Here it is:
e Command(s) failed on the device Insufficient no. of interactive responses(or timeout) for command: no access-list in_out extended permit ip host *.*.*.* any . TELNET: Failed to establish TELNET connection to *.*.*.* - Cause: connect timed out.
That's weird the access-list line gets removed even though I get the error (using RME). I tried removing 3 access-list lines instead of just one, I still get the same error, but one line does get removed. The line that gets removed is the same line that shows up in the error, and the other 2 lines do not get removed.
It works without a problem if I do it manually.
It would help to see the Config Editor job log with Config Job debugging enabled. If this data is too sensitive to post on an open forum, then I suggest you open a TAC service request.